Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

SUSE Linux 15 SP4: 2025:0107-1 important kernel security fix

suse
Calendar Grey January 14, 2025
Scroller Suse
An essential security patch for the Linux kernel pinpointing various vulnerabilities has been released for SLE 15 SP4.
* bsc#1219296 * bsc#1220145 * bsc#1220211 * bsc#1220828 * bsc#1220832

Summary

## This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).

References

* bsc#1219296

* bsc#1220145

* bsc#1220211

* bsc#1220828

* bsc#1220832

* bsc#1221302

* bsc#1222685

* bsc#1222882

* bsc#1223059

* bsc#1223363

* bsc#1223514

* bsc#1223521

* bsc#1223681

* bsc#1223683

* bsc#1225011

* bsc#1225012

* bsc#1225013

* bsc#1225099

* bsc#1225309

* bsc#1225310

* bsc#1225311

* bsc#1225312

* bsc#1225313

* bsc#1225733

* bsc#1225739

* bsc#1225819

* bsc#1226325

* bsc#1227471

* bsc#1228573

* bsc#1228786

* bsc#1229553

* bsc#1231353

* bsc#1232637

* bsc#1233712

Cross-

* CVE-2021-47598

* CVE-2022-48651

* CVE-2022-48662

* CVE-2022-48956

* CVE-2023-52340

* CVE-2023-52502

* CVE-2023-52752

* CVE-2023-52846

* CVE-2023-6546

* CVE-2024-23307

* CVE-2024-26585

* CVE-2024-26610

* CVE-2024-26622

* CVE-2024-26766

* CVE-2024-26828

* CVE-2024-26852

* CVE-2024-26923

* CVE-2024-26930

* CVE-2024-27398

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:0107-1
Release Date: 2025-01-14T18:33:38Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.